> hello, list-folk--
>
> the other day, i happened to join a conversation about Unix security with
> a couple of fellows at a local bookstore. one of them mentioned the "magic"
> hole. i have heard mention of this hole before, but i assumed the hole
> no longer existed. apparently, this was a hole in /bin/login. does anyone
> else remember this? the last time i heard mention of it was *several*
> years ago, hence my assumption. then again, i recently spotted an old
> sendmail hole ("wizard") at a site, so one can never really assume anything,
> yes?

This is probably associated with the MAGIC PID SUBSYSTEM which has been
implemented on a number of popular UNIXes. Basically processes that acquire
a MAGIC PID have special powers and can do 'magical' things. If a hole is
found in a program (such as /bin/login) which is executing in a process with
a MAGIC PID, it is said to have a 'magic hole'.

LINUX is generally recognised as having the most complete MAGIC PID
implementation.

The benefits of MAGIC PIDs were discussed widely on IRC's #unix and #root
about 12 months ago. For more info, I guess you could try the usenet LINUX
or security groups.

------------------------------------------+-----------------------------------
Mailed using ELM on FreeBSD               | Karl Strickland
PGP 2.3a Public Key Available.            | Internet: karl@bagpuss.demon.co.uk